genexuslabs · sgrampone · Sep 9, 2022 · Sep 7, 2022
diff --git a/dotnet/src/extensions/SecurityAPI/dotnet/dotnetframework/GeneXusJWT/JWT/JWTCreator.cs b/dotnet/src/extensions/SecurityAPI/dotnet/dotnetframework/GeneXusJWT/JWT/JWTCreator.cs
@@ -42,7 +42,14 @@ public JWTCreator() : base()
 		public string DoCreate(string algorithm, PrivateClaims privateClaims, JWTOptions options)
 		{
 			this.error.cleanError();
-			return Create_Aux(algorithm, privateClaims, options);
+			return Create_Aux(algorithm, privateClaims, options, null, true);
+		}
+
+		[SecuritySafeCritical]
+		public string DoCreateFromJSON(string algorithm, string json, JWTOptions options)
+		{
+			this.error.cleanError();
+			return Create_Aux(algorithm, null, options, json, false);
 		}
 
 		[SecuritySafeCritical]
@@ -123,11 +130,11 @@ public string GetTokenID(string token)
 		/******** EXTERNAL OBJECT PUBLIC METHODS - END ********/
 
 		[SecuritySafeCritical]
-		private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOptions options)
-		{ 
+		private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOptions options, string payloadString, bool hasClaims)
+		{
 			if (options == null)
 			{
-				this.error.setError("JW004", "Options parameter is null");
+				this.error.setError("JW000", "Options parameter is null");
 				return "";
 			}
 			JWTAlgorithm alg = JWTAlgorithmUtils.getJWTAlgorithm(algorithm, this.error);
@@ -147,12 +154,27 @@ private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOpti
 			AsymmetricSignatureProvider.DefaultMinimumAsymmetricKeySizeInBitsForSigningMap["ES384"] = 112;
 			/***Hack to support 192 ECDSA key lengths - END***/
 			JwtPayload payload = null;
-			if (privateClaims == null)
+			if (hasClaims)
 			{
-				this.error.setError("JW005", "PrivateClaims parameter is null");
-				return "";
+				if (privateClaims == null)
+				{
+					this.error.setError("JW000", "PrivateClaims parameter is null");
+					return "";
+				}
+				payload = doBuildPayload(privateClaims, options);
+			}
+			else
+			{
+				try
+				{
+					payload = JwtPayload.Deserialize(payloadString);
+				}
+				catch (Exception ex)
+				{
+					this.error.setError("", ex.Message);
+					return "";
+				}
 			}
-			payload = doBuildPayload(privateClaims, options);
 
 
 			SecurityKey genericKey = null;
@@ -192,7 +214,7 @@ private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOpti
 				}
 				else
 				{
-					this.error.setError("JW015", "Not recognized key algorithm");
+					this.error.setError("JW012", "Not recognized key algorithm");
 					return "";
 				}
 				if (genericKey == null)
@@ -231,7 +253,7 @@ private string Create_Aux(string algorithm, PrivateClaims privateClaims, JWTOpti
 			catch (Exception e)
 			{
 
-				this.error.setError("JW006", e.Message);
+				this.error.setError("JW003", "key size: " +  /*genericKey.KeySize.ToString()*/e.Message + e.StackTrace);
 
 				return "";
 			}

diff --git a/...tensions/SecurityAPI/test/dotnetcore/SecurityAPITestNetCore/SecurityAPITestNetCore.csproj b/...tensions/SecurityAPI/test/dotnetcore/SecurityAPITestNetCore/SecurityAPITestNetCore.csproj
@@ -30,6 +30,7 @@
     <Compile Include="..\..\dotnetframework\SecurityAPITest\Jwt\Asymmetric\TestECDSACurvesPrimeJwt.cs" Link="Jwt\Asymmetric\TestECDSACurvesPrimeJwt.cs" />
     <Compile Include="..\..\dotnetframework\SecurityAPITest\Jwt\Asymmetric\TestECDSACurvesSecpJwt.cs" Link="Jwt\Asymmetric\TestECDSACurvesSecpJwt.cs" />
     <Compile Include="..\..\dotnetframework\SecurityAPITest\Jwt\Asymmetric\TestECDSACurvesSectJwt.cs" Link="Jwt\Asymmetric\TestECDSACurvesSectJwt.cs" />
+	<Compile Include="..\..\dotnetframework\SecurityAPITest\Jwt\Features\TestCreateFromJSON.cs" Link="Jwt\Features\TestCreateFromJSON.cs" />
     <Compile Include="..\..\dotnetframework\SecurityAPITest\Jwt\Features\TestJwtDiverseDataTypes.cs" Link="Jwt\Features\TestJwtDiverseDataTypes.cs" />
     <Compile Include="..\..\dotnetframework\SecurityAPITest\Jwt\Features\TestJwtHeaderParameters.cs" Link="Jwt\Features\TestJwtHeaderParameters.cs" />
     <Compile Include="..\..\dotnetframework\SecurityAPITest\Jwt\Features\TestJwtNestedClaims.cs" Link="Jwt\Features\TestJwtNestedClaims.cs" />

diff --git a/...sions/SecurityAPI/test/dotnetframework/SecurityAPITest/Jwt/Features/TestCreateFromJSON.cs b/...sions/SecurityAPI/test/dotnetframework/SecurityAPITest/Jwt/Features/TestCreateFromJSON.cs
@@ -0,0 +1,38 @@
+using GeneXusJWT.GenexusComons;
+using GeneXusJWT.GenexusJWT;
+using NUnit.Framework;
+using SecurityAPICommons.Keys;
+using SecurityAPITest.SecurityAPICommons.commons;
+
+namespace SecurityAPITest.Jwt.Features
+{
+	[TestFixture]
+	public class TestCreateFromJSON : SecurityAPITestObject
+	{
+		protected static string payload;
+		protected static string key;
+		protected static SymmetricKeyGenerator keyGen;
+		protected static JWTCreator jwt;
+		protected static JWTOptions options;
+
+		[SetUp]
+		public virtual void SetUp()
+		{
+			payload = "{\"sub\":\"subject1\",\"aud\":\"audience1\",\"nbf\":1594116920,\"hola1\":\"hola1\",\"iss\":\"GXSA\",\"hola2\":\"hola2\",\"exp\":1909649720,\"iat\":1596449720,\"jti\":\"0696bb20-6223-4a1c-9ebf-e15c74387b9c, 0696bb20-6223-4a1c-9ebf-e15c74387b9c\"}";
+			SymmetricKeyGenerator keyGen = new SymmetricKeyGenerator();
+			key = keyGen.doGenerateKey("GENERICRANDOM", 256);
+			jwt = new JWTCreator();
+			options = new JWTOptions();
+
+		}
+
+		[Test]
+		public void TestCreateFromJSONMetod()
+		{
+			options.SetSecret(key);
+			string token = jwt.DoCreateFromJSON("HS256", payload, options);
+			bool verifies = jwt.DoVerifyJustSignature(token, "HS256", options);
+			True(verifies, jwt);
+		}
+	}
+}